[GTER] Bogus
Emiliano Martins
emiliano.martins at ik1.com.br
Mon Sep 1 17:30:45 -03 2008
Caros,
Obrigado pelas dicas, agora já tenho um palpite do qeu seja o problema e se
ele se confirmar eu aviso vocês.
2008/8/29 MARLON BORBA <MBORBA at trf3.jus.br>
> Ainda sobre esse assunto:
>
> http://en.wikipedia.org/wiki/Dynamic_Host_Configuration_Protocol
>
> "Having been standardized before network security became a significant
> issue, the basic DHCP protocol includes no security features, and is
> potentially vulnerable to two types of attacks:[2]
>
> * Unauthorized DHCP Servers: as you cannot specify the server you
> want, an unauthorized server can respond to client requests, sending
> client network configuration values that are beneficial to the attacker.
> As an example, a hacker can hijack the DHCP process to configure clients
> to use a malicious DNS server or router (see also DNS cache poisoning).
> * Unauthorized DHCP Clients: By masquerading as a legitimate
> client, an unauthorized client can gain access to network configuration
> and an IP address on a network it should otherwise not be allowed to
> use. Also, by flooding the DHCP server with requests for IP addresses,
> it is possible for an attacker to exhaust the pool of available IP
> addresses, disrupting normal network activity (a denial of service
> attack).
>
> To combat these threats RFC 3118 ("Authentication for DHCP Messages")
> introduced authentication information into DHCP messages allowing
> clients and servers to reject information from invalid sources. Although
> support for this protocol is widespread, a large number of clients and
> servers still do not fully support authentication, thus forcing servers
> to support clients that do not support this feature. As a result, other
> security measures are usually implemented around the DHCP server (such
> as IPsec) to ensure that only authenticated clients and servers are
> granted access to the network."
>
> EQA (Espero que Ajude),
>
> --
>
> Abraços,
>
> Marlon Borba, CISSP, APC DataCenter Associate
> Técnico Judiciário - Segurança da Informação
> IPv6 Evangelist
> TRF 3 Região
> (11) 3012-1683
> --
> Practically no IT system is risk free.
> (NIST Special Publication 800-30)
> --
>
>
> Em 29/8/2008 às 16:38, "Emiliano Martins"
> <emiliano.martins at ik1.com.br>
> gravou:
>
> > Caros,
> >
> > Sou meio leigo no assunto e nem sei se a pergunta cabe nesta lista,
> mas o
> > roteador de um cliente está dando a seguinte mensagem de log na
> interface
> > WAN :
> >
> > dhcp: received bogus message -- ignoring
> >
> > Alguém sabe o que é essa Bogus Message?
> >
> >
> > Emiliano Martins
> > --
> > gter list https://eng.registro.br/mailman/listinfo/gter
> --
> gter list https://eng.registro.br/mailman/listinfo/gter
> --
> gter list https://eng.registro.br/mailman/listinfo/gter
>
--
Emiliano Martins
iK1 Tecnologia Ltda
More information about the gter
mailing list